By admin
In light of the global coronavirus pandemic, the FCA has issued a statement reminding firms that it expects them to have contingency plans in place to deal with major events. The FCA is now actively reviewing the contingency plans of a wide range of firms, including assessments of operational risks, the ability of firms to continue to operate effectively and the steps firms are taking to serve and support their customers.
Irrespective of any internal disruption, the FCA expects firms to protect consumers. This is evident from its current focus on protecting consumers and market integrity in the short term whilst it delays and postpones non-critical activity.
Operational resilience is an outcome. It is the ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover and learn from operational disruptions. Such disruptions could include technology failures, cyber-related and other operational incidents, and events outside of a firm’s control, such as a global health pandemic.
Operational risk is the risk of reductions in earnings and/or value through financial or reputational loss, from inadequate or failed internal processes and systems or from people-related or external events.
The risk profile of FinTechs will vary from firm to firm depending on the particular business model and the regulatory regime to which it is subject. With that said, below are some risks you should consider.
Business Continuity risk
The risk of reductions in earnings or value due to unexpected or sustained business interruption.
Compliance & Legal risk
The risk of reductions in earnings or value through financial or reputational loss due to the Group’s failure to respond appropriately to regulation, laws or recognised industry standards that are relevant to the Group’s business activities, strategy and objectives.
Legal risk is the risk to delivery of business objectives, or of reductions in earnings and/or value, due to legal challenge, adverse judgements or unenforceable contracts.
Customer risk (including Treating Customers Fairly)
The risk of reductions in earnings or value through financial or reputational loss due to inappropriate or poor treatment of customers.
IT risk
The risk of reductions in earnings or value through financial or reputational loss due to IT service design and delivery not supporting the Group’s strategic objectives, or not being compliant with relevant regulation or legislation.
People risk
The risk of reductions in earnings or value through financial or reputational loss due to inappropriate behaviour, industrial action or health and safety issues. Loss can also be incurred through failure to recruit, retain, train, reward and incentivise appropriately skilled staff to achieve business objectives and through failure to take appropriate action as a result of staff underperformance.
Product risk
The risk of reductions in earnings or value through financial or reputational loss due to product design failing to meet customer, legal or regulatory expectations and requirements. This includes product implementation and management.
Supplier & Outsourcing risk
The risk of reductions in earnings or value through financial or reputational loss due to the failure of any supplier or outsourcer; and/or the actions of any third party being in breach of regulation or legislation.
Financial crime risk
The risk of reductions in earnings or value through financial or reputational loss due to financial crime, including bribery and corruption, and any failure to comply with legal and regulatory obligations. These losses may include censure, fines or the cost of litigation and reparation.
Data & Management Information risk
The risk of reductions in earnings or value through financial or reputational loss due to any failure to maintain the quality, integrity, security and use of data, information and MI.
Errors & Omissions risk
The risk of reductions in earnings or value through financial or reputational loss due to errors, omissions or similar failures of systems, processes or people.
What to do next
FinTech Compliance can support you in conducting a Business Impact Assessment and in reviewing your Business Continuity and Resilience arrangements.
To find out more, please contact us on info@fintechcompliance.co.uk to book a discussion with one of our experienced consultants.